Flagship Version 3.X Quick Start
Flagship Bastion Machine 3.X Quick Start Guide
Enter the console, select [Products and Services] - [Security Compliance] - [Bastion Machine UHAS] - [Create Bastion Machine].
1. Choose the availability zone where you need to create the bastion machine
The bastion machine can manage hosts in the same availability zone, so first select the availability zone in which the bastion machine will be created.
2. Create a bastion machine
20 asset version: Can manage up to 20 hosts, the hosts can be either within or outside the cloud, including hosts on UCloud Global, Alibaba Cloud, Tencent Cloud, AWS, etc.
100 asset version: Can manage up to 100 hosts, the hosts can be either within or outside the cloud, including hosts on UCloud Global, Alibaba Cloud, Tencent Cloud, AWS, etc.
200 asset version: Can manage up to 200 hosts, the hosts can be either within or outside the cloud, including hosts on UCloud Global, Alibaba Cloud, Tencent Cloud, AWS, etc.
500 asset version: Can manage up to 500 hosts, the hosts can be either within or outside the cloud, including hosts on UCloud Global, Alibaba Cloud, Tencent Cloud, AWS, etc.
1000 asset version: Can manage up to 1000 hosts, the hosts can be either within or outside the cloud, including hosts on UCloud Global, Alibaba Cloud, Tencent Cloud, AWS, etc.
Select the EIP and bind the firewall. It is recommended to choose the default bastion machine firewall, with ports 33890, 22222, 80 and 443 released. If other ports need to be released, it is recommended to set them up in the firewall product and then return to the bastion machine console to switch to a custom firewall.
Fill in the name of the Bastion Machine. You can leave it unset and use the default name, or enter a custom name; both Chinese and English are supported. After successful payment, you can start using the Bastion Machine.
3. View the list information of the bastion machine
The list includes information of all purchased Bastion Machines:
- Bastion Machine name: A custom name for the bastion machine;
- Network: Internal and external IP; the external IP can be used to access the console of the bastion machine;
- Type of machine: The first number represents the CPU, the second number represents the memory, the third number represents the size of the data disk, the fourth number represents the number of manageable assets, and the fifth number represents the concurrency;
- Expiration Date: The expiration date of the purchased Bastion Machine;
- Status: Shows the current status of the Bastion Machine, generally including shutdown and running;
- Operation: [Management] refers to the entrance that can directly access the console of the Bastion Machine.
4. Manage Bastion Machine - Initialize Bastion Machine
- During initialization, clicking [Manage] does not jump to the management system. Please wait until the initialization is over before opening the bastion machine management system.
- If you cannot open the management system, please check whether port 443 is open on the firewall.
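The firewall check above can be run from the workstation that will use the bastion machine. The following is an added example, not part of the original guide or the product's tooling: it tests TCP reachability of the four ports this guide lists as released. The function names are illustrative, and the host argument is whatever external IP your bastion machine list shows.

```python
import socket
import sys

# Ports this guide lists as released on the bastion machine firewall.
BASTION_PORTS = (33890, 22222, 80, 443)


def check_ports(host, ports=BASTION_PORTS, timeout=3.0):
    """Return {port: bool}: True if a TCP connection to host:port succeeds."""
    results = {}
    for port in ports:
        try:
            # A completed TCP handshake means the firewall lets the port through
            # and something on the bastion machine is listening on it.
            with socket.create_connection((host, port), timeout=timeout):
                results[port] = True
        except OSError:
            # Covers refused connections, timeouts (dropped by a firewall)
            # and name-resolution failures.
            results[port] = False
    return results


def unreachable(results):
    """Return the sorted list of ports that could not be reached."""
    return sorted(port for port, ok in results.items() if not ok)


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_bastion_ports.py <bastion-external-ip>")
    results = check_ports(sys.argv[1])
    for port, ok in results.items():
        print(f"{port}: {'reachable' if ok else 'NOT reachable'}")
    if not results[443]:
        print("Port 443 is not reachable: the management system will not "
              "open until the firewall releases it.")
    sys.exit(1 if unreachable(results) else 0)
```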
5. Log into the Bastion Machine Management System
For the first login, the initial username is admin and the password is admin. Please change the administrator password as soon as possible after login, and fill in the contact information correctly.
6. Bind Mobile Number
Enter [Personal Center] from the upper right corner and then modify your mobile number.
7. Create Department and User Account
8. Add the Host That Needs to be Audited
Enter [Resource] - [Host Management] and click the [New] button:
Fill in the related information of the host in the pop-up window and click confirm (you can also add the host account later).
Where:
Host Name: A custom name that can identify this host
Protocol Type: Choose according to the protocol type you need to use when logging in
Host Address: The IP address where the host is located. If the bastion machine and the host are in the same availability zone, you can fill in the internal network address. If not, fill in the external network address.
Port: The port number to access the host
System Type: For example, if the host’s operating system is linux, choose linux.
More Options: Features required when logging into the host, such as file management
Belongs to the Department: Which department the host belongs to
Tags: Custom tags for easy classification and search of the host
9. Add Login Account
Fill in the correct login name and password.
10. Create Access Control Policy
A host can only be logged in to after it has been authorized, so you need to create an access control policy.
Go to [Policy] - [Access Control Policy], click [New]:
Choose which users can access which resources:
11. Host Operation
Go to [Operation] - [Host Operation], where you can log in to the host and operate it.
12. Client Configuration Login
The Flagship version Bastion Machine supports common clients, such as Xshell, SecureCRT, PuTTY, etc. Configure them as follows: